In a stealth move, one of the largest internet service providers could be tainting your websites with unwanted ads and malicious code. Sound dramatic? Comcast, as part of the recent launch of its XFinity public WiFi hotspots, is inserting ads of its services across various websites, unbeknownst to the website owners.

Injecting ads via Javascript into a site where the particular code doesn’t normally appear isn’t a great idea either. The code could create unintended security vulnerabilities for a malicious individual to exploit and make sites that were previously secure vulnerable to attack. Although JavaScript is used widely throughout the web community, your browser can have a hard time determining the difference between good and bad code.

Comcast reassures users that the ads only appear when using XFinity public hotspots, and do not apply to websites accessed by a Comcast WiFi router at home. Either way, this practice cuts to the core of the net neutrality debate, as the FCC is currently determining policies that could include provisions stating broadband providers must deliver broadband without injecting any data packets.

How can you prevent being victim of a malicious attack? Connecting to WPA2-Enterprise and authenticating via 802.1X ensures network traffic is encrypted and secure. You should also access sites using HTTPs encryption, meaning only your browser and the server can decrypt the traffic.

Related Posts

According to Comcast, home is where the (ahem) hotspot is. Last year the cable company began adding technology to their routers, creating public hotspots for Comcast customers wishing to access free WiFi on the go. In June, Comcast rolled out …